CSC/ECE 517 Fall 2016 E1687 Instructor account creation over the web

From Expertiza_Wiki
Jump to navigation Jump to search

E1687. Instructor Account Creation Over the Web

This page gives a detail of the final project of creating an instructor account over the web in Expertiza.


Introduction

Expertiza is a Ruby on Rails based open source project. The main motive of this project is to make learning more effective through peer review. This website is a result of combined effort of both students and faculty at NC State, and is used not just by this university but also in many other universities. The website allows students to form teams and work on various projects listed by the instructor and also suggest new topics that seem interesting, though they can opt not to work on them. It also makes it easy for the instructor to add a new topic to an assignment/project, create a new project and add students to it. The time spent by TAs and instructor is greatly reduced. The key feature is peer review, where the students can review the work of others and provide feedback. This helps in improving the existing work and also provides a new way to learn. There isn’t any restriction on the format of submission as it accepts any form of submission varying from URL to wiki pages, which isn’t a common feature in other websites.

Problem Statement

In Expertiza, user and instructor accounts are currently created by existing super administrators, instructors or TAs. For new users to access the system and experiment the features offered by Expertiza, a “demo-like” feature needs to implemented. The following are the set of requirements that needs to be catered with this feature:

  1. Allow people to request instructor accounts over the web. This feature should also have security features such as Captchas to help avoid account creation by bots.
  2. When a user account is created over the web, the super-admin should get e-mail regarding the same and also the user should be notified upon approval/denial (if denied, then reason should be specified).
  3. Currently, Expertiza consists of a lot of entities that can be made publicly visible to all other users in the system. But, accounts created this way should not be able to see existing public features, until the super-admin manually gives them permission to view public courses, assignments, and questionnaires.
  4. A user who creates an account over the web should be pointed to an instruction page and/or video on how to create an assignment and register students for it, etc.

Implementation

The following solutions shall be addressing the problems discussed above.

Problem 1

Once a user wants to register and try the features of Expertiza, upon opening the website, one can register by filling up the form and click the register button. There is a captcha that shall be shown below, to make sure that it isn't any bot that is accessing. It provides security to the application.

Problem 2

Once the user requests for an account creation, the super admin receives a mail informing about the request with the name of the requested user. The super admin shall then, look for the details of the user in the Requests tab and can either approve/decline the request. Once the super admin approves the user request, the user gets a mail notifying the same. If the request is rejected, then the reason should be mentioned in the reason tab of the form. But there is no mail sent to the user regarding that.

Problem 3

There shall be a flash message saying, “Login denied. Needs permission from super admin” that can be seen on the login page if an unregistered user tries to access the features of Expertiza. This helps in removing the access to few publicly visible features as it denies access completely.

Problem 4

Once the user account is approved by the super admin and the user tries to login upon notification, he/she shall be redirected to an “Instructions” page on successful login.

This page shall contain the video tutorials explaining various features of Expertiza and also on how to access them.

Files changed

The following are the list of files that were edited throughout the project.

  • views/auth/_login.html.erb
  • views/users/request_new.html.erb
  • views/users/review.html
  • views/instructions/home.html.erb
  • views/users/edit.html.erb
  • views/mailer/request_user_message.html.erb
  • views/users/new.html.erb
  • views/users/_password.html.erb
  • views/users/_user.html.erb
  • users_controller.rb
  • routes.rb
  • models
  • mailer_helper.rb
  • mailer.rb
  • models/requested_user.rb
  • config/initializers/recaptcha.rb


_login.html.erb add new button called Request Sign Up The welcome page will look as above. On clicking request sign up, a user will be redirected to a page like below: Request_new.html.erb which renders partial view - _user.html.erb

User will be able to fill up all the required details and request a signup. When a super administrator logins to his account he can go to Request/reject users menu as shown below

Super Admin can either approve/reject a user. The page will look like below( approve.html.erb):

In addition to the above files a new file called Instructions.html.erb which will have all the videos and instructions on how Expertiza works.

In users_controller.rb we will be having two new methods:

1. request_list 

def request_list
   user = session[:user]
   role = user.role
   all_users = request_user.get_requested_user_list
   letter = params[:letter]
   session[:letter] = letter
   if letter.nil?
     letter = all_users.first.name[0, 1].downcase unless all_users.empty?
   end
   @letters = []
   @per_page = 1
   @per_page = if params[:paginate_show]
                 params[:num_users]
               elsif params[:from_letter]
                 1
               else
                 params[:num_users]
               end
   @requested_users = paginate_list all_users
   @letters = ('A'..'Z').to_a
 end

2. approve_user 

 def approve_user
   # will be calling create method with required parameters and setting the status in request_users table to approved.
   # apter the user is created, email is sent to user.
 end

3. reject_user 

 def reject_user
   #will set the status in request_users to reject and send an email to user about the same.
 end

Database Changes

We will be creating a new table called request_users with table description that is similar to users Below is the table description of users table.

Our request_users will also be having a new column called status which describes that the user is approved or rejected.

Test Plan

We will be testing each of the functionality separately.

1. Test all views

will be testing if _login.html.erb, Request_new.html.erb and approve.html.erb are rendered properly.

2. Test all controller methods.

New test cases will be included for each case: 

  a) Does request_list method gives the proper list of requested users?
  b) Does approve_user actually create a new user
  c) Does reject_user actually not create a new user and change the status properly.
  d) Also test cases where the functions should not work.
Retrieved from "https://wiki.expertiza.ncsu.edu/index.php?title=CSC/ECE_517_Fall_2016_E1687_Instructor_account_creation_over_the_web&oldid=106410"